disclaimer---Sorry for a political rant, I guess I will post to /. next.
I feel the need to comment on these aspects of the tragedy that took place Tuesday and ask my fellow U.S. monks for help in trying to keep our freedoms.The good- The out pouring of sympathy and united front that great people from around the world have displayed in light of this horrible event.The bad-The horrible act of cowardice that took place on Tuesday.The ugly-The acts that the U.S. Congress feels it needs to take to prevent another attack like this.
In an article located at http://www.wired.com/news/politics/0,1283,46816,00.html,Declan McCullagh points out the steps that have already started in an attempt to limit cryptography laws world wide.
His article discusses a speech in which a U.S. senator mentions globally requiring cryptography products to have a back door to them.

I have several issues with requiring a back door-
1.Why does the government need to be able decrypt my messages?Where does it end? Do I then need to give the government an account on my pc? A key to my door? The U.S. Bill of Rights guarantees all U.S. citizens, free speach and undue searches.
2.What happens when we decide to no longer share this technology? Are we going to have to change all encryption programs so that a country that is now unfriendly with the U.S. government can't have it?
In our countries past 25 years, we have supported both Iraq in its war against Iran and Afghanistan against the Soviet Union.
Now we flirting with war with both.
3.Is it likely to stop the bad guys anyway? What is to say that terrorist organizations won't be able to find some 12 year old hacker to write their own cryptography solution?

Fellow monks, I now ask you to take action to prevent Big Brother from taking another step in watching us. Please when the the dust has started to settle, contact your legislators and voice your opinions in regard to this matter.

"The social dynamics of the net are a direct consequence of the fact that nobody has yet developed a Remote Strangulation Protocol." -- Larry
Wall

at the risk of saying something that is somewhat politically incorrect, i've never regarded such provisions as being fundamentally different than wiretap provisions. both have potential for abuse, and wiretaps have and continue to be applied for political gain by "legitimate" authorities.

but the potential to prevent such occurrences as last tuesday is significant. we need to rigorously apply standards of appropriate conduct within the legal "profession" and law enforcement arena, without a doubt. the reason we have them is still germane. how difficult would it be to penetrate this ring without the capability to trace their messages? think about that for a minute.

understand, i have no wish to make this easy to do, but neither do i think we would benefit by making it impossible.

I know that we should stop this discussion, but here I am talking about somethig where real perl code might be involved.... ;-)

Backdoor to encryption technology will not prevent communication between terrorists and will just waste resources of USA. There are simpler tools and technologies already available which, when integratedm are harder even to detect, and not decrypt. To get perfect encryption, your key needs to be really long. Processing power of PC is cheap, and communication channels are for free (almost). How to implement it?

For non-urgent messages (like trainig manuals), just send floppy or CD by mail. It's easy to set up bogus company selling CD's with ethnic music - or just use existing one, and just swap CD's. Heck, terrorist can order 5 CD's, one is bogus (with coding dictionary), can even complain that it is not a music and get refund!

For more urgent and near-interactive messages, use spam: Check encoding via spam -
SpamMimic. Determined Perl hacker can easily integrate this idea (published in a book), public chat channels, and program like Elisa. Your spam-mimic client will send short messages to chat, generated using dictionary appriate for a channel, and possibly responding to previous messages like Elisa does. Receiving agent will filter messages from known users only, and decode them. Short messages (by letter, or by word) look really innocent, try SpamMimic! Dictionary, programs for client sender and receiver, can be sent by CD-ROM. When thinking about it, I may even try it - looks interesting idea... ;-)

No Echelon and no Carnivore will be able to digest all this mountains of information - CIA has already tons of tapes with wirepaped phone messages waiting for a translation. And if terrorist are using code language (and sure they do), even phone messages may look innocent enough. So only known terrorists are traced in detail - not too promising, right?

As a programmer, I know that security can be only designed and build in, not tested out and controlled out. After reasonable punishment (just in eyes of at least of part of punished population), only way out is to give people something better to dream about than become a martyr out of desperation. Many good articles about it on www.salon.com.

In fighting, key to success is to use weight, power and inertia of your opponent to make him to do wrong step. Even in sumo, brute force alone cannot win. Looks like Americans forgot about that - probably watching too much staged fights of wrestlers of WWF.... :-(

"Violence is the last resort of the incompetent." - Salvor Hardin, Foundation by Isaac Asimov. I found in in google, in exactly the same context as I am using it right now...

I am not arguing against punishing terrorists (USA need to show it is not week). I try to warn against over-reacting, which will hurt freedoms of Americans, and do nothing about preventing next attack.

There are 24 milions people in Afganistan. All thinking people in USA and all over the world should be concerned, how many of afganistan young males will hate USA more than love own (miserable) life five years from now? Politicans plan only until next elections, year from now...

pmas
To make errors is human. But to make million errors per second, you need a computer.

When putting a smiley right before a closing parenthesis, do you:

Use two parentheses: (Like this: :) )
Use one parenthesis: (Like this: :)
Reverse direction of the smiley: (Like this: (: )
Use angle/square brackets instead of parentheses
Use C-style commenting to set the smiley off from the closing parenthesis
Make the smiley a dunce: (:>
I disapprove of emoticons
Other